North Korean Hackers “the Lazarus Group” Attack Nuclear Engineers
Overview In January 2024, security experts observed that the Lazarus Group, a well-known hacking collective linked to North Korea, targeted at least two employees of a nuclear-related organization over the span of a month. This effort stood out due to a “complex infection chain” that was used to…
0 Comments5 Minutes
Meta Platforms Fined €251 Million Following 2018 Data Breach
Significant Penalty for Meta Platforms Under EU Law Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been ordered to pay a €251 million fine (about $263 million) due to a large-scale data breach in 2018. The European regulators claim that the company failed to…
0 Comments4 Minutes
New Social Engineering Attack Uses Microsoft Teams to Spread DarkGate Malware
Overview of the Attack A recent social engineering attack has been spotted, using Microsoft Teams to help spread the DarkGate malware. According to cybersecurity experts Catherine Loveria, Jovit Samaniego, and Gabriel Nicoleta from Trend Micro, the attackers impersonated a trusted user’s client…
0 Comments4 Minutes
New Malvertising Scheme Found Using a Single Ad Network
Exploiting a Single Ad Platform for Wide-Scale Attacks Security researchers have uncovered a new kind of attack, known as "DeceptionAds," that depends on one main online ad network. This attack uses fake ads placed on over 3,000 sites to reach more than one million people every day. As a result,…
0 Comments3 Minutes
Apple Updates iOS and macOS to Patch Flaw
Overview of the Issue Apple has released security patches for iOS 18, iPadOS 18, and macOS Sequoia 15 to fix a problem that could allow certain apps to gain access to sensitive data without users knowing. This problem, identified as CVE-2024-44131 and rated 5.3 on the CVSS scale, was found in the…
0 Comments4 Minutes
New Threat Exploits Windows UI Automation to Bypass Security
How Windows UI Automation Can Be Misused for Harmful Actions A recent security discovery highlights how attackers can take advantage of Windows' UI Automation (UIA) framework to carry out a variety of malicious actions without triggering alarms from endpoint detection and response (EDR) tools. This…
0 Comments5 Minutes
New Mobile Phishing Scheme Targets Android Users with Enhanced Antidot Trojan
Sophisticated Mishing Campaign Unveiled Cybersecurity experts have discovered a new mobile phishing (mishing) attack aimed at distributing an advanced version of the Antidot banking malware. This marks the first time such a campaign has been identified by researchers in the field. You might be…
0 Comments5 Minutes
QR Codes and Email Assaults: Black Basta Evolves
Introduction Since early October 2024, the cybercriminal group known as Black Basta has been using new types of malware, including Zbot and DarkGate. They have also changed how they trick people, using different social methods to fool their targets. You might be interested in: Cyber Security…
0 Comments5 Minutes
Mitel MiCollab Vulnerability Discovered
Introduction to the Vulnerability Security researchers have discovered a dangerous flaw in Mitel MiCollab that can allow attackers to access sensitive files from vulnerable systems. This issue stems from a critical vulnerability, identified as CVE-2024-41713, which affects the NuPoint Unified…
0 Comments4 Minutes
Europol Shuts Down MATRIX Service
Europol’s takedown of the encrypted messaging service MATRIX and the subsequent law enforcement operations have highlighted significant efforts by international authorities to disrupt illegal communication networks and cybercrime activities. Here's a breakdown of key developments from the…
0 Comments5 Minutes